Not registered ? Sign Up!
IceWalkers.com - Linux Software downloads and news
Name : Password :
Forgot your password?
Linux SoftwareLinux RPMLinux HowtosLink UsAboutAdvertise
What's new? | Linux Software | Linux RPM Database | Linux Howtos | Add Software |
Take our Quick Survey and enter a drawing for a chance to win a $100 VISA Gift Card.

HOWTOs

Search Howtos :Match :
Howtos Index
Next Previous Contents

2. What and Why (and How?)

2.1 What

A bridge is an intelligent connecting wire betwen two network cards. A firewall is an intelligent insulator.

2.2 Why

You might want a bridge if you have several computers:

  1. to save the price of a new hub when you just happen to have an extra ethernet card available.
  2. to save the bother of learning how to do IP-forwarding and other tricks when you _have_ two cards in your computer.
  3. to avoid maintenance work in the future when things change around!

``Several computers'' might be as few as three if those are routing or bridging or just moving around the room from time to time! You also might want a bridge just for the fun of finding out what it does. 2 was what I wanted a bridge for.

If you are really interested in 1, you have to be one of the very few. Check the NET-2-HOWTO and the Serial-HOWTO for better tricks.

You want a firewall if

  1. you are trying to protect your network from external accesses, or
  2. you are trying to deny access to the world outside from your network.

Curiously, I needed 2 here too. Policy at my university presently is that we should not act as internet service providers to undergraduates.

2.3 How?

I started out bridging the network cards in a firewalling machine and ended up firewalling without having cut the bridge. It seems to work and is more flexible than either configuration alone. I can take down the firewall and keep bridging or take down the bridge when I want to be more circumspect.

I would guess that the bridge code lives just above the physical device layer and the firewalling code lives one layer higher up, so that the bridging and firewalling configurations effectively act as though they are running connected together ``in sequence'' and not ``in parallel'' (ouch!). Diagram: 

-> Bridge-in -> Firewall-in -> Kernel -> Firewall-out -> Bridge-out ->

There is no other way to explain how one machine can be a ``conductor'' and an ``insulator'' at the same time. There are a few caveats but I'll come to those later. Basically you must route packets that you want to firewall. Anyway, it all seems to work together nicely for me. Here is what you do ...

Next Previous Contents
Search Howtos :Match :
Howtos Index
Inkscape 0.47
Vector graphic editor for SVG
DeleGate 9.9.6-pre5
Proxy server which runs on multiple platforms
Nano 2.1.99pre2
Emulate Pico while also offering a few enhancements.
My Money 2.0.49
Personal financial software
Linux Kernel 2.6 2.6.32-rc8
Linux Kernel
GCstar 1.5.0
Personal collections manager
ImageMagick 6.5.7.9
ImageMagick image processing studio
BibleTime 2.4
Bible study software for Linux / KDE
Tellico 2.1.1
Collection manager for books, music, videos, and bibliographies
Totem 2.28.4
Movie player for Gnome
Free IT Magazines, White Papers, eBooks, and more !
Oracle Magazine

Contains technology strategy articles, sample code, tips, Oracle and partner news, how to articles for developers and DBAs, and more.
Vulnerability Management for Dummies

Get all the Facts and See How to Implement a Successful Vulnerability Management Program.
Website Magazine

Has tapped premier talent in the Internet industry for our content and each and every issue will contain practical advice and insights for website owners.

Linux Software Map
Find Linux RPM
Best Rated Linux Software
Most Rated Linux Software
Linux Distributions
Linux Howtos
Quick Survey

Please take our survey and help us improve our website to serve you better.

Thank you.
Linux Software
Linux / IT Resources
Site Resources
Google
Privacy Policy
Contact Us
Submit Software
Advertising info